Monday 22 May 2017, Poradnik bezpieczeństwa

Netflix for free? Nope. A new scam campaign aimed at stealing info and committing SMS frauds

Lost24

Do not be fooled by the tempting messages send via WhatsApp, offering one year of free membership access to Netflix.

WhatsApp users have been receiving scam messages from friendly sources, linking to a Netflix-like page. The person who clicks on the link will be redirected to the page that promises free access to Netflix on one condition – sending the link to 10 more people using the WhatsApp messenger.

If the condition is met, the victim is redirected to an external domain, unrelated to Netflix, that uses a trusted certificate to feign legitimacy. This page has the ability to automatically detect a device’s language and display its contents accordingly. It also allows the cybercriminals to mine the mobile devices for data, send SMS messages to premium numbers and even encourage the users to download malicious apps.

This way, attackers get the double benefit of new data to exploit and a continually expanding network of attacks.

The security experts from ESET company advises the users who already passed on the link to alert their friends of the scam, uninstall any programs related to this campaign and check with their telephone providers to ensure that they have not been unknowingly subscribed to a premium messaging service.